CVE-2026-34094 Customized help link for page protection indicator is relative to subpage name, because the link target is missing the "/wiki/" prefix

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Page/Article.Php. This issue affects MediaWiki: from before 1.43.7, 1.44.4, 1.45.2...

CVE-2026-34094

CVE-2026-34094 affects Wikimedia Foundation MediaWiki prior to 1.43.7, 1.44.4, and 1.45.2. The issue is in the Page/Article.Php path where a Customized help link for a page protection indicator is relative to the subpage name because the link target is missing the "/wiki/" prefix. This describes ...

CVE-1999-0783

FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system...

EUVD-2021-22573

Malware in sbrugna...

EUVD-2019-2108

Malware in sbrugna...

EUVD-2023-32300

Malicious code in bioql PyPI...

EUVD-2023-1048

Malicious code in bioql PyPI...

EUVD-2022-0277

Malicious code in bioql PyPI...

EUVD-2022-55143

Malicious code in bioql PyPI...

EUVD-2023-53943

Malicious code in bioql PyPI...

EUVD-2024-53288

Malicious code in bioql PyPI...

EUVD-2022-52933

Malicious code in bioql PyPI...

CVE-2025-54798

CVE-2025-54798 concerns the tmp package for Node.js. In versions 0.2.3 and earlier, it is vulnerable to arbitrary temporary file and directory writes via the symbolic link dir parameter. The issue is fixed in version 0.2.4; users should upgrade to 0.2.4 or later to mitigate. The connected IBM bul...

CVE-2025-54798 tmp does not restrict arbitrary temporary file / directory write via symbolic link `dir` parameter

tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4...

CVE-2025-3046

A vulnerability in the ObsidianReader class of the run-llama/llamaindex repository, versions 0.12.23 to 0.12.28, allows for arbitrary file read through symbolic links. The ObsidianReader fails to resolve symlinks to their real paths and does not validate whether the resolved paths lie within the...

CVE-2024-43111

Long pressing on a download link could potentially allow Javascript commands to be executed within the browser This vulnerability affects Firefox for iOS 129...

CVE-2020-0896

An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0840, CVE-2020-0841, CVE-2020-0849...

CVE-2019-15578

An information disclosure exists in 12.3.2, 12.2.6, and 12.1.12 for GitLab Community Edition CE and Enterprise Edition EE. The path of a private project, that used to be public, would be disclosed in the unsubscribe email link of issues and merge requests...

PT-2025-21188

Name of the Vulnerable Software and Affected Versions: Thunderbird versions prior to 128.10.1 Thunderbird versions prior to 138.0.1 Description: The issue allowed an attacker to craft an email that showed a tracking link as an attachment. When the user attempted to open the attachment, Thunderbir...

GNU GRUB Buffer Overflow Vulnerability (CNVD-2025-08310)

GNU GRUB is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in GNU GRUB. The vulnerability stems from the romsfs module containing an integer overflow issue when handling symbolic links, resulting in a heap-based out-of-bounds write when reading data. No...